CVE-2024-50550

Published: Oct 29, 2024Modified: Apr 23, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through <= 6.5.1.

Affected (1)

Products: Litespeedtech: Litespeed Cache

Litespeedtech

1 product

Litespeed Cache

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Litespeedtech Litespeed Cache	Before 6.5.2

Related CWEs

CWE-266

Incorrect Privilege Assignment

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

CWE-326

Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

References (1)

https://patchstack.com/database/Wordpress/Plugin/litespeed-cache/vulnerability/wordpress-litespeed-cache-plugin-6-5-1-privilege-escalation-vulnerability?_s_id=cve

Source: audit@patchstack.com

Timeline

No history available yet.